LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-21-2013, 12:57 PM   #1
dazdaz
Member
 
Registered: Aug 2003
Location: Europe
Distribution: RHEL 6.x, 5.x, Fedora 20, Kubuntu 12.04, Solaris 10,8
Posts: 321

Rep: Reputation: 17
sshd using pam


Hi

On RHEL 6.3 I would like to configure sshd to use pam where i've configured pam_tally2 for maximum password attempts. pam_tally2 works with sudo and su but not with sshd so that a failed ssh login will increment the failedlogin tally.

/etc/pam.d/sshd includes /etc/pam.d/password-auth

In /etc/ssh/sshd_config I have the following configuration.

Code:
...
UsePAM yes
ChallengeResponseAuthentication no
PasswordAuthentication yes
...
I understand that PasswordAuthentication should be disabled, and this forces sshd to use PAM authentication, however for me, this is not the case because all authenitcation fails and I can't login at all.

Last edited by dazdaz; 03-21-2013 at 01:10 PM.
 
Old 03-21-2013, 01:22 PM   #2
netnix99
Member
 
Registered: Jun 2011
Distribution: redhat, CentOS, OpenBSD
Posts: 239

Rep: Reputation: 73
I just use the line
Code:
 auth        required      /lib64/security/pam_tally2.so per_user deny=3
in the /etc/pam.d/system-auth file. This locks out a user after 3 failed attempts of any kind.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Want to use pam-config for sshd and some other pingu Linux - Security 2 04-05-2012 02:53 PM
Problem in using PAM-TACACS+ with sshd Bandlaraj Linux - Software 0 08-20-2009 08:32 AM
pam.d/sshd config for passwd expiration ssy68 Linux - Newbie 3 03-26-2008 10:56 AM
pam or sshd ignoring max retries; 8 > 3 antieagles Linux - Security 0 09-29-2004 12:45 PM
PAM and sshd, major problems KneeLess *BSD 0 06-06-2004 02:00 PM


All times are GMT -5. The time now is 09:28 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration